public static X509Certificate MakeCertificate(IAsymmetricCipherKeyPair _subKP, string _subDN, IAsymmetricCipherKeyPair _issKP, string _issDN, string algorithm, bool _ca) { IAsymmetricKeyParameter _subPub = _subKP.Public; IAsymmetricKeyParameter _issPriv = _issKP.Private; IAsymmetricKeyParameter _issPub = _issKP.Public; X509V3CertificateGenerator _v3CertGen = new X509V3CertificateGenerator(); _v3CertGen.Reset(); _v3CertGen.SetSerialNumber(allocateSerialNumber()); _v3CertGen.SetIssuerDN(new X509Name(_issDN)); _v3CertGen.SetNotBefore(DateTime.UtcNow); _v3CertGen.SetNotAfter(DateTime.UtcNow.AddDays(100)); _v3CertGen.SetSubjectDN(new X509Name(_subDN)); _v3CertGen.SetPublicKey(_subPub); _v3CertGen.SetSignatureAlgorithm(algorithm); _v3CertGen.AddExtension(X509Extensions.SubjectKeyIdentifier, false, createSubjectKeyId(_subPub)); _v3CertGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, createAuthorityKeyId(_issPub)); _v3CertGen.AddExtension(X509Extensions.BasicConstraints, false, new BasicConstraints(_ca)); X509Certificate _cert = _v3CertGen.Generate(_issPriv); _cert.CheckValidity(DateTime.UtcNow); _cert.Verify(_issPub); return _cert; }
public static X509Certificate MakeCertificate(AsymmetricCipherKeyPair _subKP, string _subDN, AsymmetricCipherKeyPair _issKP, string _issDN, bool _ca) { AsymmetricKeyParameter _subPub = _subKP.Public; AsymmetricKeyParameter _issPriv = _issKP.Private; AsymmetricKeyParameter _issPub = _issKP.Public; X509V3CertificateGenerator _v3CertGen = new X509V3CertificateGenerator(); _v3CertGen.Reset(); _v3CertGen.SetSerialNumber(allocateSerialNumber()); _v3CertGen.SetIssuerDN(new X509Name(_issDN)); _v3CertGen.SetNotBefore(DateTime.UtcNow); _v3CertGen.SetNotAfter(DateTime.UtcNow.AddDays(100)); _v3CertGen.SetSubjectDN(new X509Name(_subDN)); _v3CertGen.SetPublicKey(_subPub); _v3CertGen.SetSignatureAlgorithm("MD5WithRSAEncryption"); _v3CertGen.AddExtension(X509Extensions.SubjectKeyIdentifier, false, createSubjectKeyId(_subPub)); _v3CertGen.AddExtension(X509Extensions.AuthorityKeyIdentifier, false, createAuthorityKeyId(_issPub)); if (_ca) { _v3CertGen.AddExtension(X509Extensions.BasicConstraints, false, new BasicConstraints(_ca)); } else { _v3CertGen.AddExtension(X509Extensions.ExtendedKeyUsage, true, ExtendedKeyUsage.GetInstance(new DerSequence(KeyPurposeID.IdKPTimeStamping))); } X509Certificate _cert = _v3CertGen.Generate(_issPriv); _cert.CheckValidity(DateTime.UtcNow); _cert.Verify(_issPub); return _cert; }
public static X509Certificate MakeCertificate( AsymmetricCipherKeyPair subKP, string _subDN, AsymmetricCipherKeyPair issKP, string _issDN, bool _ca) { AsymmetricKeyParameter subPub = subKP.Public; AsymmetricKeyParameter issPriv = issKP.Private; AsymmetricKeyParameter issPub = issKP.Public; X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator(); v3CertGen.Reset(); v3CertGen.SetSerialNumber(AllocateSerialNumber()); v3CertGen.SetIssuerDN(new X509Name(_issDN)); v3CertGen.SetNotBefore(DateTime.UtcNow); v3CertGen.SetNotAfter(DateTime.UtcNow.AddDays(100)); v3CertGen.SetSubjectDN(new X509Name(_subDN)); v3CertGen.SetPublicKey(subPub); if (issPub is RsaKeyParameters) { v3CertGen.SetSignatureAlgorithm("SHA1WithRSA"); } else if (issPub is ECPublicKeyParameters) { ECPublicKeyParameters ecPub = (ECPublicKeyParameters) issPub; if (ecPub.AlgorithmName == "ECGOST3410") { v3CertGen.SetSignatureAlgorithm("GOST3411withECGOST3410"); } else { v3CertGen.SetSignatureAlgorithm("SHA1withECDSA"); } } else { v3CertGen.SetSignatureAlgorithm("GOST3411WithGOST3410"); } v3CertGen.AddExtension( X509Extensions.SubjectKeyIdentifier, false, CreateSubjectKeyId(subPub)); v3CertGen.AddExtension( X509Extensions.AuthorityKeyIdentifier, false, CreateAuthorityKeyId(issPub)); v3CertGen.AddExtension( X509Extensions.BasicConstraints, false, new BasicConstraints(_ca)); X509Certificate _cert = v3CertGen.Generate(issPriv); _cert.CheckValidity(); _cert.Verify(issPub); return _cert; }